Hi,
you probably want to use 0 (thus automatic free port) instead of a specific
port (i.e. 8822) so that you can't run into the situation that the port is
taken by a different application.
Alternatively you can use nc/netcat on the gateway. That has the advantage
that you don't have an open port on the client machine which might be a
security problem in a multi-user environment.
This can be done by using the following Proxy class. You then connect the
session by:

    session.setProxy(new NCProxy(username,host,22,jsch));

If you don't have nc on the gateway but /dev/tcp you can use:
http://www.rschulz.eu/2008/09/ssh-proxycommand-without-netcat.html
Roland
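
    import java.io.InputStream;
    import java.io.OutputStream;
    import java.net.Socket;

    import com.jcraft.jsch.ChannelExec;
    import com.jcraft.jsch.JSch;
    import com.jcraft.jsch.Proxy;
    import com.jcraft.jsch.Session;
    import com.jcraft.jsch.SocketFactory;

    class NCProxy implements Proxy {
        private final String username;
        private final String host;    // gateway host
        private final int port;       // gateway SSH port
        private final JSch jsch;
        private Session session1;     // session to the gateway
        private ChannelExec channel;  // exec channel running nc on the gateway
        private InputStream in;
        private OutputStream out;

        public NCProxy(String username, String host, int port, JSch jsch) {
            this.host = host;
            this.port = port;
            this.username = username;
            this.jsch = jsch;
        }

        @Override
        public void connect(SocketFactory socket_factory, String dhost,
                            int dport, int timeout) throws Exception {
            session1 = jsch.getSession(username, host, port);
            session1.setUserInfo(new MyUserInfo()); // your own UserInfo implementation
            session1.connect(timeout);
            channel = (ChannelExec) session1.openChannel("exec");
            // dhost and dport end up in a command line run by the gateway's shell,
            // so they must come from trusted configuration, not from user input.
            channel.setCommand("nc " + dhost + " " + dport); // or netcat, bash, ...
            // Fetch the streams before connect(), as JSch expects; otherwise data
            // that arrives right after the channel opens can be lost.
            in = channel.getInputStream();
            out = channel.getOutputStream();
            channel.connect(timeout);
        }

        @Override
        public InputStream getInputStream() {
            return in;
        }

        @Override
        public OutputStream getOutputStream() {
            return out;
        }

        @Override
        public Socket getSocket() {
            return null; // no local socket: traffic goes over the exec channel
        }

        @Override
        public void close() {
            // connect() may have failed part-way, so either field can still be null
            if (channel != null) {
                channel.disconnect();
            }
            if (session1 != null) {
                session1.disconnect();
            }
        }
    }
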
On Fri, Feb 12, 2010 at 12:14 PM, Amol-Gmail <amol...@gmail.com> wrote:
> What it essentially means in code is the following?
>
>
> JSch jsch = new JSch();
> Session session1 = jsch.getSession(username, "firewall", 22);
> session1.setUserInfo(new MyUserInfo(password1));
> session1.connect();
> int assinged_port = session1.setPortForwardingL(8822, "machine", 22);
> Session session2 = jsch.getSession(username, "localhost", assinged_port); // SHOULD IT BE assinged_port OR 8822 ????
> session2.setUserInfo(new MyUserInfo(password2));
> session2.connect();
> // Now execute all commands by creating channel on session2
>
> Is this correct interpretation of your messages?
>
>
>
> ----- Original Message -----
> From: B. Scott Smith <sc...@smithdomain.com>
> To: Amol-Gmail <amol...@gmail.com>
> Cc: jsch-users@lists.sourceforge.net
> Sent: Friday, February 12, 2010 10:20 PM
> Subject: Re: [JSch-users] How to use JSch for the following scenario
>
> First, you can programmatically SSH to usern...@firewall.
> Then, you can port forward local port 8822 to remote "machine:22".
> Then you can programmatically SSH to usern...@localhost:8822.
>
> Amol-Gmail wrote:
>
> Hi Team,
>
> I am using JSch module and have been successful in using it in most of the
> conditions. I am using standard way of connecting as provided in some of the
> examples which is working fine for me.
>
> Now I have an additional requirement, SSH is behind the firewall, and
> following is the manner in which user is connecting to it from his shell:
>
>
> ssh firew...@username
> password: ********
> ssh mach...@username
> password ***************
> su - user
> password: *****
>
> Once user fires this command, he can then fire any commands of interest in
> this session. I am wondering how to program this using JSch code in my java
> application.
>
> Any help/ideas are welcomed.
>
>
> Regards,
> Amol Kulkarni
>
>
>
> ------------------------------------------------------------------------------
> SOLARIS 10 is the OS for Data Centers - provides features such as DTrace,
> Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW
> http://p.sf.net/sfu/solaris-dev2dev
> _______________________________________________
> JSch-users mailing list
> JSch-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/jsch-users
>
>
--
ORNL/UT Center for Molecular Biophysics cmb.ornl.gov
865-241-1537, ORNL PO BOX 2008 MS6309
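
The port-forwarding variant discussed in this thread, with the local port set to 0 as suggested in the reply, shown as an added example (not part of the original messages and not JSch's own code). The names GatewayHop, Hop and open and all parameter names are assumptions made for illustration; the JSch calls are the library's real ones.

```java
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Session;
import com.jcraft.jsch.UserInfo;

/** Added example (hypothetical class): two-hop login through a local forward on an auto-assigned port. */
public final class GatewayHop {

    /** Holds both sessions so the caller can close them in the right order. */
    public static final class Hop implements AutoCloseable {
        public final Session gateway;
        public final Session target;

        Hop(Session gateway, Session target) {
            this.gateway = gateway;
            this.target = target;
        }

        @Override
        public void close() {
            target.disconnect();   // inner session first
            gateway.disconnect();  // closes the local forward as well
        }
    }

    public static Hop open(JSch jsch, String username, String gatewayHost, String targetHost,
                           UserInfo gatewayLogin, UserInfo targetLogin, int timeoutMs)
            throws JSchException {
        Session gateway = jsch.getSession(username, gatewayHost, 22);
        gateway.setUserInfo(gatewayLogin);
        gateway.connect(timeoutMs);
        try {
            // lport 0 lets the OS pick a free port. Binding to loopback keeps the listener
            // off the network; other users on this machine can still reach it.
            int assignedPort = gateway.setPortForwardingL("127.0.0.1", 0, targetHost, 22);
            // Connect to the port that was actually assigned, not a hard-coded one.
            Session target = jsch.getSession(username, "127.0.0.1", assignedPort);
            // Check the host key under the target's name rather than "127.0.0.1:<port>",
            // which changes on every run.
            target.setHostKeyAlias(targetHost);
            target.setUserInfo(targetLogin);
            target.connect(timeoutMs);
            return new Hop(gateway, target);
        } catch (JSchException e) {
            gateway.disconnect(); // do not leave the forward open on failure
            throw e;
        }
    }
}
```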